| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245 |
- from collections.abc import Mapping
- from copy import deepcopy
- from typing import Any
- from pydantic import BaseModel
- from core.entities.provider_entities import BasicProviderConfig
- from core.helper import encrypter
- from core.helper.tool_parameter_cache import ToolParameterCache, ToolParameterCacheType
- from core.helper.tool_provider_cache import ToolProviderCredentialsCache, ToolProviderCredentialsCacheType
- from core.tools.entities.tool_entities import (
- ToolParameter,
- ToolProviderType,
- )
- from core.tools.tool.tool import Tool
- class ProviderConfigEncrypter(BaseModel):
- tenant_id: str
- config: Mapping[str, BasicProviderConfig]
- provider_type: str
- provider_identity: str
- def _deep_copy(self, data: dict[str, str]) -> dict[str, str]:
- """
- deep copy data
- """
- return deepcopy(data)
- def encrypt(self, data: dict[str, str]) -> Mapping[str, str]:
- """
- encrypt tool credentials with tenant id
- return a deep copy of credentials with encrypted values
- """
- data = self._deep_copy(data)
- # get fields need to be decrypted
- fields = self.config
- for field_name, field in fields.items():
- if field.type == BasicProviderConfig.Type.SECRET_INPUT:
- if field_name in data:
- encrypted = encrypter.encrypt_token(self.tenant_id, data[field_name])
- data[field_name] = encrypted
- return data
- def mask_tool_credentials(self, data: dict[str, Any]) -> Mapping[str, Any]:
- """
- mask tool credentials
- return a deep copy of credentials with masked values
- """
- data = self._deep_copy(data)
- # get fields need to be decrypted
- fields = self.config
- for field_name, field in fields.items():
- if field.type == BasicProviderConfig.Type.SECRET_INPUT:
- if field_name in data:
- if len(data[field_name]) > 6:
- data[field_name] = \
- data[field_name][:2] + \
- '*' * (len(data[field_name]) - 4) + \
- data[field_name][-2:]
- else:
- data[field_name] = '*' * len(data[field_name])
- return data
- def decrypt(self, data: dict[str, str]) -> Mapping[str, str]:
- """
- decrypt tool credentials with tenant id
- return a deep copy of credentials with decrypted values
- """
- cache = ToolProviderCredentialsCache(
- tenant_id=self.tenant_id,
- identity_id=f'{self.provider_type}.{self.provider_identity}',
- cache_type=ToolProviderCredentialsCacheType.PROVIDER
- )
- cached_credentials = cache.get()
- if cached_credentials:
- return cached_credentials
- data = self._deep_copy(data)
- # get fields need to be decrypted
- fields = self.config
- for field_name, field in fields.items():
- if field.type == BasicProviderConfig.Type.SECRET_INPUT:
- if field_name in data:
- try:
- data[field_name] = encrypter.decrypt_token(self.tenant_id, data[field_name])
- except:
- pass
- cache.set(data)
- return data
- def delete_tool_credentials_cache(self):
- cache = ToolProviderCredentialsCache(
- tenant_id=self.tenant_id,
- identity_id=f'{self.provider_type}.{self.provider_identity}',
- cache_type=ToolProviderCredentialsCacheType.PROVIDER
- )
- cache.delete()
- class ToolParameterConfigurationManager(BaseModel):
- """
- Tool parameter configuration manager
- """
- tenant_id: str
- tool_runtime: Tool
- provider_name: str
- provider_type: ToolProviderType
- identity_id: str
- def _deep_copy(self, parameters: dict[str, Any]) -> dict[str, Any]:
- """
- deep copy parameters
- """
- return deepcopy(parameters)
- def _merge_parameters(self) -> list[ToolParameter]:
- """
- merge parameters
- """
- # get tool parameters
- tool_parameters = self.tool_runtime.parameters or []
- # get tool runtime parameters
- runtime_parameters = self.tool_runtime.get_runtime_parameters() or []
- # override parameters
- current_parameters = tool_parameters.copy()
- for runtime_parameter in runtime_parameters:
- found = False
- for index, parameter in enumerate(current_parameters):
- if parameter.name == runtime_parameter.name and parameter.form == runtime_parameter.form:
- current_parameters[index] = runtime_parameter
- found = True
- break
- if not found and runtime_parameter.form == ToolParameter.ToolParameterForm.FORM:
- current_parameters.append(runtime_parameter)
- return current_parameters
- def mask_tool_parameters(self, parameters: dict[str, Any]) -> dict[str, Any]:
- """
- mask tool parameters
- return a deep copy of parameters with masked values
- """
- parameters = self._deep_copy(parameters)
- # override parameters
- current_parameters = self._merge_parameters()
- for parameter in current_parameters:
- if (
- parameter.form == ToolParameter.ToolParameterForm.FORM
- and parameter.type == ToolParameter.ToolParameterType.SECRET_INPUT
- ):
- if parameter.name in parameters:
- if len(parameters[parameter.name]) > 6:
- parameters[parameter.name] = (
- parameters[parameter.name][:2]
- + "*" * (len(parameters[parameter.name]) - 4)
- + parameters[parameter.name][-2:]
- )
- else:
- parameters[parameter.name] = "*" * len(parameters[parameter.name])
- return parameters
- def encrypt_tool_parameters(self, parameters: dict[str, Any]) -> dict[str, Any]:
- """
- encrypt tool parameters with tenant id
- return a deep copy of parameters with encrypted values
- """
- # override parameters
- current_parameters = self._merge_parameters()
- parameters = self._deep_copy(parameters)
- for parameter in current_parameters:
- if (
- parameter.form == ToolParameter.ToolParameterForm.FORM
- and parameter.type == ToolParameter.ToolParameterType.SECRET_INPUT
- ):
- if parameter.name in parameters:
- encrypted = encrypter.encrypt_token(self.tenant_id, parameters[parameter.name])
- parameters[parameter.name] = encrypted
- return parameters
- def decrypt_tool_parameters(self, parameters: dict[str, Any]) -> dict[str, Any]:
- """
- decrypt tool parameters with tenant id
- return a deep copy of parameters with decrypted values
- """
- cache = ToolParameterCache(
- tenant_id=self.tenant_id,
- provider=f'{self.provider_type.value}.{self.provider_name}',
- tool_name=self.tool_runtime.identity.name,
- cache_type=ToolParameterCacheType.PARAMETER,
- identity_id=self.identity_id,
- )
- cached_parameters = cache.get()
- if cached_parameters:
- return cached_parameters
- # override parameters
- current_parameters = self._merge_parameters()
- has_secret_input = False
- for parameter in current_parameters:
- if (
- parameter.form == ToolParameter.ToolParameterForm.FORM
- and parameter.type == ToolParameter.ToolParameterType.SECRET_INPUT
- ):
- if parameter.name in parameters:
- try:
- has_secret_input = True
- parameters[parameter.name] = encrypter.decrypt_token(self.tenant_id, parameters[parameter.name])
- except:
- pass
- if has_secret_input:
- cache.set(parameters)
- return parameters
- def delete_tool_parameters_cache(self):
- cache = ToolParameterCache(
- tenant_id=self.tenant_id,
- provider=f'{self.provider_type.value}.{self.provider_name}',
- tool_name=self.tool_runtime.identity.name,
- cache_type=ToolParameterCacheType.PARAMETER,
- identity_id=self.identity_id,
- )
- cache.delete()
|
